[GeoNode-users] geoserver authentication in multi-geosites
Eugenio Trumpy
frippe12573 at hotmail.com
Wed May 31 06:20:48 PDT 2017
Hi Alessio,
the raster layer is a public layer. It can be seen by anyone (check box marked). There is also my name among the users. The same for download capabilities.
I saw this information in the 'Change layer permissions' panel.
What do you mean with "Is the geotiff present and configured on the second instance too"? If you mean that the raster layer is listed also in the child site,
the answer is yes.
I don't know how to catch the request, however the geoserver log output is:
https://pastebin.com/W0K9LHde
any hints?
E.
________________________________
Da: Alessio Fabiani <alessio.fabiani at gmail.com>
Inviato: mercoledì 24 maggio 2017 15.50
A: Eugenio Trumpy
Cc: geonode-users; Simone Dalmasso
Oggetto: Re: [GeoNode-users] geoserver authentication in multi-geosites
Is the geotiff present and configured on the second instance too? Is it private or publicly accessible? Can you somehow intercept the requests and send them here?
On May 20, 2017 15:20, "Eugenio Trumpy" <frippe12573 at hotmail.com<mailto:frippe12573 at hotmail.com>> wrote:
Hi all,
unfortunately I was not able to solve the issue raised in this thread. I was just living in the situation described.
However, today I have to face a consequent, I guess, issue.
>From a child site I'm not able to download a raster layer (uploaded as tif) in geotiff format (i.e. in the download menu there is not the item 'Geotiff').
If I try to download the same raster layer from the master site it is possible (i.e. in the download menu there is the item 'Geotiff').
I think is a matter of geoserver configuration/authentication in geonode-multitenancy environment.
Have you got any suggestion?
E.
________________________________
Da: Simone Dalmasso <simone.dalmasso at gmail.com<mailto:simone.dalmasso at gmail.com>>
Inviato: mercoledì 5 aprile 2017 15.39
A: Eugenio Trumpy
Cc: geonode-users at lists.osgeo.org<mailto:geonode-users at lists.osgeo.org>
Oggetto: Re: geoserver authentication in multi-geosites
Eugenio, I don't see wrong config. It is ok I guess to leave the master site host in the gs config as well as I think it is ok that you cannot log in directly into gs from a child site. That said, when geosites was developed, the geoserver ext was modified to make sure that geoserver pings the same host that made the http request for authentication instead of relying on the base url parameter. So ideally it should work as you would expect.
2017-04-05 14:39 GMT+02:00 Eugenio Trumpy <frippe12573 at hotmail.com<mailto:frippe12573 at hotmail.com>>:
Hi,
I'm working on geonode 2.4 in a Ubuntu server 14.04LTS (tomcat7, java8).
I had to upgrade geoserver from 2.7.x version up to 2.9.x.
In the system I configured geonode to work as multi-geosites.
The master site is the normal geonode site, I mean it use the local_setting.py I have in /geonode/geonode
The geosites are in /geonode/geonode/contrib/geosites, and they use the relative config files.
The documentation: https://github.com/terranodo/geosites-project/blob/master/GEOSITES-README.md
indicates to leave empty <baseurl> in config.xml in security/auth/geonodeauthprovider/
In that way I have this error:
java.lang.IllegalArgumentException: host parameter is null
org.apache.commons.httpclient.HttpConnection.<init>(HttpConnection.java:206)
org.apache.commons.httpclient.HttpConnection.<init>(HttpConnection.java:155)
org.apache.commons.httpclient.SimpleHttpConnectionManager.getConnectionWithTimeout(SimpleHttpConnectionManager.java:175)
org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:153)
org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
org.geonode.security.HTTPClient.sendGET(HTTPClient.java:89)
org.geonode.security.DefaultSecurityClient.authenticate(DefaultSecurityClient.java:185)
org.geonode.security.DefaultSecurityClient.authenticateCookie(DefaultSecurityClient.java:116)
org.geonode.security.GeoNodeAuthenticationProvider.authenticate(GeoNodeAuthenticationProvider.java:66)
org.geoserver.security.GeoServerAuthenticationProvider.authenticate(GeoServerAuthenticationProvider.java:58)
org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:167)
org.geoserver.security.GeoServerSecurityManager$1.authenticate(GeoServerSecurityManager.java:323)
org.geonode.security.GeoNodeCookieProcessingFilter.doFilter(GeoNodeCookieProcessingFilter.java:94)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
org.geoserver.security.filter.GeoServerCompositeFilter$NestedFilterChain.doFilter(GeoServerCompositeFilter.java:69)
org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:91)
org.geoserver.security.filter.GeoServerSecurityContextPersistenceFilter$1.doFilter(GeoServerSecurityContextPersistenceFilter.java:53)
org.geoserver.security.filter.GeoServerCompositeFilter$NestedFilterChain.doFilter(GeoServerCompositeFilter.java:73)
org.geoserver.security.filter.GeoServerCompositeFilter.doFilter(GeoServerCompositeFilter.java:92)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:213)
org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:176)
org.geoserver.security.GeoServerSecurityFilterChainProxy.doFilter(GeoServerSecurityFilterChainProxy.java:152)
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
org.geoserver.filters.LoggingFilter.doFilter(LoggingFilter.java:87)
org.geoserver.filters.GZIPFilter.doFilter(GZIPFilter.java:42)
org.geoserver.filters.SessionDebugFilter.doFilter(SessionDebugFilter.java:48)
org.geoserver.filters.FlushSafeFilter.doFilter(FlushSafeFilter.java:44)
org.springframework.web.filter.CharacterEncodingFilter.doFilterIntaernal(CharacterEncodingFilter.java:121)
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
both if I use the geoserver link in the menu (once logged in) and if I call geoserver by using the geoserver url in the browser address bar.
If set the doman name of the master site in <baseurl> in config.xml in security/auth/geonodeauthprovider/
I'm able to enter in geoserver as admin from the menu, by the way doing the same operation from a geosite
I got the geoserverage but not logged.
The master site virtualhost as well as those of the geosites have the proxypass and reverse pointing to http://localhost:8080/geoserver
The same in /geonode/geonode/contrib/geosites/local_setting.py and pre-setting.py I have http://localhost:8080/geoserver
Is there a wrong configuration?
Any hints?
--
Simone
_______________________________________________
geonode-users mailing list
geonode-users at lists.osgeo.org<mailto:geonode-users at lists.osgeo.org>
https://lists.osgeo.org/mailman/listinfo/geonode-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/geonode-users/attachments/20170531/c24bf6e8/attachment.html>
More information about the geonode-users
mailing list